Version Description
- Allow internal cron jobs to run even if wp-cron.php is blocked.
- Check with wp_filesystem for any errors and output the messages, before attempt to write any content
- Trigger site cache clear on settings changed or code update
- Slight css updates
- Mark block option in red text for better visibility and user awareness
Download this release
Release Info
Developer | nsp-code |
Plugin | WP Hide & Security Enhancer |
Version | 1.5.6.7 |
Comparing to | |
See all releases |
Code changes from version 1.5.6.3 to 1.5.6.7
- compatibility/shortpixel-adaptive-images.php +3 -0
- css/wph.css +1 -1
- include/functions.class.php +49 -2
- include/update.class.php +10 -21
- include/wph.class.php +81 -38
- modules/components/admin-admin_url.php +1 -1
- modules/components/admin-new_wp_login_php.php +2 -2
- modules/components/general-html.php +2 -1
- modules/components/rewrite-new_include_path.php +1 -1
- modules/components/rewrite-new_plugin_path.php +1 -1
- modules/components/rewrite-new_upload_path.php +1 -1
- modules/components/rewrite-root-files.php +56 -2
- modules/components/rewrite-wp_content_path.php +1 -1
- readme.txt +12 -1
- router/environment.php +1 -1
- wp-hide.php +1 -1
compatibility/shortpixel-adaptive-images.php
CHANGED
@@ -11,6 +11,9 @@
|
|
11 |
|
12 |
static function init()
|
13 |
{
|
|
|
|
|
|
|
14 |
add_action('wp_calculate_image_srcset', array( 'WPH_conflict_shortpixel_ai', 'wp_calculate_image_srcset') , -1, 5);
|
15 |
|
16 |
add_action( 'init', array( 'WPH_conflict_shortpixel_ai', 'init_ob'), 2 );
|
11 |
|
12 |
static function init()
|
13 |
{
|
14 |
+
if( ! self::is_plugin_active())
|
15 |
+
return FALSE;
|
16 |
+
|
17 |
add_action('wp_calculate_image_srcset', array( 'WPH_conflict_shortpixel_ai', 'wp_calculate_image_srcset') , -1, 5);
|
18 |
|
19 |
add_action( 'init', array( 'WPH_conflict_shortpixel_ai', 'init_ob'), 2 );
|
css/wph.css
CHANGED
@@ -42,7 +42,7 @@ table.wph_input tbody tr td.label .description .important {color: #d54e21}
|
|
42 |
table.wph_input tbody tr td.label .description .dashicons, table.wph_input tbody tr td.label .description span {display: inline-block}
|
43 |
table.wph_input tbody tr td.label .description span {padding-left: 5px; line-height: 18px;}
|
44 |
table.wph_input tbody tr td.label .description span a {display: block}
|
45 |
-
table.wph_input tbody tr td.label .description span.important {color: #
|
46 |
table.wph_input tbody tr td.label .description span.info {padding-left: 0px; color:#d54e21; font-style: italic;}
|
47 |
table.wph_input tbody tr td.label .description .pointer {cursor:pointer}
|
48 |
table.wph_input tbody tr td.label .description .notice-success, table.wph_input tbody tr td.label .description .notice-error {padding: 10px 12px; background-color: #fff;}
|
42 |
table.wph_input tbody tr td.label .description .dashicons, table.wph_input tbody tr td.label .description span {display: inline-block}
|
43 |
table.wph_input tbody tr td.label .description span {padding-left: 5px; line-height: 18px;}
|
44 |
table.wph_input tbody tr td.label .description span a {display: block}
|
45 |
+
table.wph_input tbody tr td.label .description span.important {color: #d54e21; padding-left: 0px }
|
46 |
table.wph_input tbody tr td.label .description span.info {padding-left: 0px; color:#d54e21; font-style: italic;}
|
47 |
table.wph_input tbody tr td.label .description .pointer {cursor:pointer}
|
48 |
table.wph_input tbody tr td.label .description .notice-success, table.wph_input tbody tr td.label .description .notice-error {padding: 10px 12px; background-color: #fff;}
|
include/functions.class.php
CHANGED
@@ -1438,9 +1438,16 @@
|
|
1438 |
}
|
1439 |
|
1440 |
//check for url encoded urls
|
1441 |
-
foreach($_relative_domain_url_replacements_dq as $old_url => $new_url)
|
1442 |
{
|
1443 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1444 |
$text = str_ireplace( trim( urlencode(trim( $old_url, '"')), '"' ) , trim( urlencode(trim ( $new_url, '"')), '"' ) ,$text );
|
1445 |
}
|
1446 |
|
@@ -2452,6 +2459,46 @@
|
|
2452 |
}
|
2453 |
|
2454 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2455 |
/**
|
2456 |
* Recursivelly remove all fodlers and files within a directory
|
2457 |
*
|
1438 |
}
|
1439 |
|
1440 |
//check for url encoded urls
|
1441 |
+
foreach( $_relative_domain_url_replacements_dq as $old_url => $new_url )
|
1442 |
{
|
1443 |
+
/*
|
1444 |
+
* JSON always use double quotes
|
1445 |
+
* use double quote type at the start of the string (per json encodync) to avoid replacing for non-local domains
|
1446 |
+
* e.g. "collectionThumbnail":"https:\/\/wp.envatoextensions.com\/kit-57\/wp-content\/uploads\/sites\/60\/2018\/08\/screenshot-20-1540279812-300x997.jpg"
|
1447 |
+
*/
|
1448 |
+
//$text = str_ireplace( "'" . trim( json_encode( trim( $old_url, '"')), '"' ) , "'" . trim( json_encode( trim ( $new_url, '"')), '"' ) ,$text );
|
1449 |
+
$text = str_ireplace( '"' . trim( json_encode( trim( $old_url, '"')), '"' ) , '"' . trim( json_encode( trim ( $new_url, '"')), '"' ) ,$text );
|
1450 |
+
|
1451 |
$text = str_ireplace( trim( urlencode(trim( $old_url, '"')), '"' ) , trim( urlencode(trim ( $new_url, '"')), '"' ) ,$text );
|
1452 |
}
|
1453 |
|
2459 |
}
|
2460 |
|
2461 |
|
2462 |
+
|
2463 |
+
/**
|
2464 |
+
* Clear any cache plugins
|
2465 |
+
*
|
2466 |
+
*/
|
2467 |
+
function site_cache_clear()
|
2468 |
+
{
|
2469 |
+
if (function_exists('wp_cache_clear_cache'))
|
2470 |
+
wp_cache_clear_cache();
|
2471 |
+
|
2472 |
+
if (function_exists('w3tc_flush_all'))
|
2473 |
+
w3tc_flush_all();
|
2474 |
+
|
2475 |
+
if (function_exists('opcache_reset'))
|
2476 |
+
opcache_reset();
|
2477 |
+
|
2478 |
+
if ( function_exists( 'rocket_clean_domain' ) )
|
2479 |
+
rocket_clean_domain();
|
2480 |
+
|
2481 |
+
global $wp_fastest_cache;
|
2482 |
+
if ( method_exists( 'WpFastestCache', 'deleteCache' ) && !empty( $wp_fastest_cache ) )
|
2483 |
+
$wp_fastest_cache->deleteCache();
|
2484 |
+
|
2485 |
+
//If your host has installed APC cache this plugin allows you to clear the cache from within WordPress
|
2486 |
+
if (function_exists('apc_clear_cache'))
|
2487 |
+
apc_clear_cache();
|
2488 |
+
|
2489 |
+
//WPEngine
|
2490 |
+
if ( class_exists( 'WpeCommon' ) )
|
2491 |
+
{
|
2492 |
+
if ( method_exists( 'WpeCommon', 'purge_memcached' ) )
|
2493 |
+
WpeCommon::purge_memcached();
|
2494 |
+
if ( method_exists( 'WpeCommon', 'clear_maxcdn_cache' ) )
|
2495 |
+
WpeCommon::clear_maxcdn_cache();
|
2496 |
+
if ( method_exists( 'WpeCommon', 'purge_varnish_cache' ) )
|
2497 |
+
WpeCommon::purge_varnish_cache();
|
2498 |
+
}
|
2499 |
+
}
|
2500 |
+
|
2501 |
+
|
2502 |
/**
|
2503 |
* Recursivelly remove all fodlers and files within a directory
|
2504 |
*
|
include/update.class.php
CHANGED
@@ -213,6 +213,13 @@
|
|
213 |
WPH_functions::copy_mu_loader( TRUE );
|
214 |
|
215 |
$version = '1.4.8.3';
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
216 |
}
|
217 |
|
218 |
|
@@ -230,12 +237,12 @@
|
|
230 |
|
231 |
|
232 |
//Always generate the environment file
|
233 |
-
|
234 |
|
235 |
|
236 |
//save the last code version
|
237 |
$this->wph->settings['version'] = WPH_CORE_VERSION;
|
238 |
-
|
239 |
|
240 |
}
|
241 |
|
@@ -257,25 +264,7 @@
|
|
257 |
|
258 |
flush_rewrite_rules();
|
259 |
|
260 |
-
|
261 |
-
if (function_exists('w3tc_pgcache_flush'))
|
262 |
-
w3tc_pgcache_flush();
|
263 |
-
|
264 |
-
//recheck if permalinks where saved sucessfully and redirect
|
265 |
-
|
266 |
-
/**
|
267 |
-
* ToDo Possible not necesarely?
|
268 |
-
* 1) Through AJAX, plugin update - it trigger the first update so flush_rules()
|
269 |
-
* 2) Through regular plugin update, no new plugin files are being run
|
270 |
-
*/
|
271 |
-
/*
|
272 |
-
if( !defined( 'DOING_AJAX' ) && $this->wph->permalinks_not_applied === FALSE && $this->wph->functions->rewrite_rules_applied() === TRUE)
|
273 |
-
{
|
274 |
-
//reload the page
|
275 |
-
wp_redirect($this->wph->functions->get_current_url());
|
276 |
-
die();
|
277 |
-
}
|
278 |
-
*/
|
279 |
}
|
280 |
|
281 |
}
|
213 |
WPH_functions::copy_mu_loader( TRUE );
|
214 |
|
215 |
$version = '1.4.8.3';
|
216 |
+
}
|
217 |
+
|
218 |
+
if(version_compare($version, '1.5.6.6', '<'))
|
219 |
+
{
|
220 |
+
$_trigger_flush_rules = TRUE;
|
221 |
+
|
222 |
+
$version = '1.5.6.6';
|
223 |
}
|
224 |
|
225 |
|
237 |
|
238 |
|
239 |
//Always generate the environment file
|
240 |
+
//$this->wph->set_static_environment_file();
|
241 |
|
242 |
|
243 |
//save the last code version
|
244 |
$this->wph->settings['version'] = WPH_CORE_VERSION;
|
245 |
+
//$this->wph->functions->update_settings($this->wph->settings);
|
246 |
|
247 |
}
|
248 |
|
264 |
|
265 |
flush_rewrite_rules();
|
266 |
|
267 |
+
$this->wph->functions->site_cache_clear();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
268 |
}
|
269 |
|
270 |
}
|
include/wph.class.php
CHANGED
@@ -497,6 +497,58 @@
|
|
497 |
|
498 |
}
|
499 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
500 |
}
|
501 |
|
502 |
/**
|
@@ -735,39 +787,7 @@
|
|
735 |
//allow rewrite
|
736 |
flush_rewrite_rules();
|
737 |
|
738 |
-
|
739 |
-
* Clear any cache plugins
|
740 |
-
*/
|
741 |
-
if (function_exists('wp_cache_clear_cache'))
|
742 |
-
wp_cache_clear_cache();
|
743 |
-
|
744 |
-
if (function_exists('w3tc_flush_all'))
|
745 |
-
w3tc_flush_all();
|
746 |
-
|
747 |
-
if (function_exists('opcache_reset'))
|
748 |
-
opcache_reset();
|
749 |
-
|
750 |
-
if ( function_exists( 'rocket_clean_domain' ) )
|
751 |
-
rocket_clean_domain();
|
752 |
-
|
753 |
-
global $wp_fastest_cache;
|
754 |
-
if ( method_exists( 'WpFastestCache', 'deleteCache' ) && !empty( $wp_fastest_cache ) )
|
755 |
-
$wp_fastest_cache->deleteCache();
|
756 |
-
|
757 |
-
//If your host has installed APC cache this plugin allows you to clear the cache from within WordPress
|
758 |
-
if (function_exists('apc_clear_cache'))
|
759 |
-
apc_clear_cache();
|
760 |
-
|
761 |
-
//WPEngine
|
762 |
-
if ( class_exists( 'WpeCommon' ) )
|
763 |
-
{
|
764 |
-
if ( method_exists( 'WpeCommon', 'purge_memcached' ) )
|
765 |
-
WpeCommon::purge_memcached();
|
766 |
-
if ( method_exists( 'WpeCommon', 'clear_maxcdn_cache' ) )
|
767 |
-
WpeCommon::clear_maxcdn_cache();
|
768 |
-
if ( method_exists( 'WpeCommon', 'purge_varnish_cache' ) )
|
769 |
-
WpeCommon::purge_varnish_cache();
|
770 |
-
}
|
771 |
|
772 |
}
|
773 |
|
@@ -825,7 +845,11 @@
|
|
825 |
|
826 |
//if nothing has changed exit
|
827 |
if ( $environment_variable == json_encode($_environment_variable) )
|
828 |
-
|
|
|
|
|
|
|
|
|
829 |
}
|
830 |
|
831 |
global $wp_filesystem;
|
@@ -846,11 +870,25 @@
|
|
846 |
|
847 |
$file_data = ob_get_contents();
|
848 |
ob_end_clean();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
849 |
|
850 |
-
if( ! $wp_filesystem->put_contents( WPH_PATH . 'router/environment.php', $file_data , FS_CHMOD_FILE) )
|
851 |
{
|
852 |
-
|
853 |
-
delete_transient( 'wph-
|
854 |
|
855 |
$process_interface_save_errors[] = array( 'type' => 'error',
|
856 |
'message' => __('Unable to create environment static file. Is ', 'wp-hide-security-enhancer') . WPH_PATH . 'router/ ' . __('writable', 'wp-hide-security-enhancer') . '? <b>Remove description header from Style file</b> and <b>Child - Remove description header from Style file</b> ' . __('will not work correctly, so where turned off.', 'wp-hide-security-enhancer')
|
@@ -866,7 +904,12 @@
|
|
866 |
//regenerate permalinks
|
867 |
$this->settings_changed();
|
868 |
|
869 |
-
set_transient( 'wph-
|
|
|
|
|
|
|
|
|
|
|
870 |
}
|
871 |
|
872 |
|
497 |
|
498 |
}
|
499 |
|
500 |
+
|
501 |
+
//output any other errors message
|
502 |
+
$process_errors = get_transient( 'wph-process_set_static_environment_errors' );
|
503 |
+
if ( is_array( $process_errors ) && count ( $process_errors ) > 0 )
|
504 |
+
{
|
505 |
+
$found_warnings = FALSE;
|
506 |
+
$found_errors = FALSE;
|
507 |
+
|
508 |
+
if( is_array($process_errors ) && count($process_errors ) > 0)
|
509 |
+
{
|
510 |
+
foreach ( $process_errors as $process_interface_save_error )
|
511 |
+
{
|
512 |
+
if($process_interface_save_error['type'] === 'warning')
|
513 |
+
$found_warnings = TRUE;
|
514 |
+
|
515 |
+
if($process_interface_save_error['type'] === 'error')
|
516 |
+
$found_errors = TRUE;
|
517 |
+
}
|
518 |
+
|
519 |
+
}
|
520 |
+
|
521 |
+
//display the warnings
|
522 |
+
if( $found_warnings === TRUE )
|
523 |
+
{
|
524 |
+
echo "<div class='notice notice-warning'><p>";
|
525 |
+
foreach ( $process_errors as $process_interface_save_error )
|
526 |
+
{
|
527 |
+
if($process_interface_save_error['type'] == 'warning')
|
528 |
+
{
|
529 |
+
echo $process_interface_save_error['message'] .'<br />';
|
530 |
+
}
|
531 |
+
}
|
532 |
+
echo "</p></div>";
|
533 |
+
}
|
534 |
+
|
535 |
+
//display the errors
|
536 |
+
if( $found_errors === TRUE )
|
537 |
+
{
|
538 |
+
echo "<div class='notice notice-error'><p>";
|
539 |
+
foreach ( $process_errors as $process_interface_save_error )
|
540 |
+
{
|
541 |
+
if($process_interface_save_error['type'] == 'error')
|
542 |
+
{
|
543 |
+
echo $process_interface_save_error['message'] .'<br />';
|
544 |
+
}
|
545 |
+
}
|
546 |
+
echo "</p></div>";
|
547 |
+
}
|
548 |
+
|
549 |
+
|
550 |
+
}
|
551 |
+
|
552 |
}
|
553 |
|
554 |
/**
|
787 |
//allow rewrite
|
788 |
flush_rewrite_rules();
|
789 |
|
790 |
+
$this->functions->site_cache_clear();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
791 |
|
792 |
}
|
793 |
|
845 |
|
846 |
//if nothing has changed exit
|
847 |
if ( $environment_variable == json_encode($_environment_variable) )
|
848 |
+
{
|
849 |
+
//delete any error notice
|
850 |
+
delete_transient( 'wph-process_set_static_environment_errors' );
|
851 |
+
return;
|
852 |
+
}
|
853 |
}
|
854 |
|
855 |
global $wp_filesystem;
|
870 |
|
871 |
$file_data = ob_get_contents();
|
872 |
ob_end_clean();
|
873 |
+
|
874 |
+
$process_interface_save_errors = array();
|
875 |
+
|
876 |
+
if ( is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->has_errors() )
|
877 |
+
{
|
878 |
+
delete_transient( 'wph-process_set_static_environment_errors' );
|
879 |
+
|
880 |
+
$process_interface_save_errors[] = array( 'type' => 'error',
|
881 |
+
'message' => __('Unable to create environment static file. The system returned the following error: ', 'wp-hide-security-enhancer') . $wp_filesystem->errors->get_error_message()
|
882 |
+
);
|
883 |
+
set_transient( 'wph-process_set_static_environment_errors', $process_interface_save_errors, HOUR_IN_SECONDS );
|
884 |
+
|
885 |
+
return;
|
886 |
+
}
|
887 |
|
888 |
+
if ( ! $wp_filesystem->put_contents( WPH_PATH . 'router/environment.php', $file_data , FS_CHMOD_FILE) )
|
889 |
{
|
890 |
+
|
891 |
+
delete_transient( 'wph-process_set_static_environment_errors' );
|
892 |
|
893 |
$process_interface_save_errors[] = array( 'type' => 'error',
|
894 |
'message' => __('Unable to create environment static file. Is ', 'wp-hide-security-enhancer') . WPH_PATH . 'router/ ' . __('writable', 'wp-hide-security-enhancer') . '? <b>Remove description header from Style file</b> and <b>Child - Remove description header from Style file</b> ' . __('will not work correctly, so where turned off.', 'wp-hide-security-enhancer')
|
904 |
//regenerate permalinks
|
905 |
$this->settings_changed();
|
906 |
|
907 |
+
set_transient( 'wph-process_set_static_environment_errors', $process_interface_save_errors, HOUR_IN_SECONDS );
|
908 |
+
}
|
909 |
+
else
|
910 |
+
{
|
911 |
+
//delete any error notice
|
912 |
+
delete_transient( 'wph-process_set_static_environment_errors' );
|
913 |
}
|
914 |
|
915 |
|
modules/components/admin-admin_url.php
CHANGED
@@ -29,7 +29,7 @@
|
|
29 |
'id' => 'block_default_admin_url',
|
30 |
'label' => __('Block default Admin Url', 'wp-hide-security-enhancer'),
|
31 |
'description' => array(
|
32 |
-
__('Block default admin url and files from being accesible.', 'wp-hide-security-enhancer')
|
33 |
),
|
34 |
'input_type' => 'radio',
|
35 |
'options' => array(
|
29 |
'id' => 'block_default_admin_url',
|
30 |
'label' => __('Block default Admin Url', 'wp-hide-security-enhancer'),
|
31 |
'description' => array(
|
32 |
+
'<span class="important">'. __('Ensure the above option works correctly on your server before activate this.', 'wp-hide-security-enhancer') .'</span><br />' . __('Block default admin url and files from being accesible.', 'wp-hide-security-enhancer')
|
33 |
),
|
34 |
'input_type' => 'radio',
|
35 |
'options' => array(
|
modules/components/admin-new_wp_login_php.php
CHANGED
@@ -17,7 +17,7 @@
|
|
17 |
'description' => array(
|
18 |
__('Map a new wp-login.php instead default. This also need to include <i>.php</i> extension.', 'wp-hide-security-enhancer') . '<br />'
|
19 |
. __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/documentation/admin-change-wp-login-php/" target="_blank">Link</a>',
|
20 |
-
'<div class="notice-error"><
|
21 |
|
22 |
),
|
23 |
'input_type' => 'text',
|
@@ -30,7 +30,7 @@
|
|
30 |
$this->module_settings[] = array(
|
31 |
'id' => 'block_default_wp_login_php',
|
32 |
'label' => __('Block default wp-login.php', 'wp-hide-security-enhancer'),
|
33 |
-
'description' => __('Block default wp-login.php file from being accesible.', 'wp-hide-security-enhancer'),
|
34 |
|
35 |
'input_type' => 'radio',
|
36 |
'options' => array(
|
17 |
'description' => array(
|
18 |
__('Map a new wp-login.php instead default. This also need to include <i>.php</i> extension.', 'wp-hide-security-enhancer') . '<br />'
|
19 |
. __('More details can be found at', 'wp-hide-security-enhancer') .' <a href="http://www.wp-hide.com/documentation/admin-change-wp-login-php/" target="_blank">Link</a>',
|
20 |
+
'<div class="notice-error"><span class="important"><span class="dashicons dashicons-warning important" alt="f534">'. __('warning', 'wp-hide-security-enhancer') .'</span> ' . __('Make sure your log-in url is not already modified by another plugin or theme. In such case, you should disable other code and take advantage of these features. More details at ', 'wp-hide-security-enhancer') . '<a target="_blank" href="http://www.wp-hide.com/login-conflicts/">'. __('Login Conflicts', 'wp-hide-security-enhancer') .'</a></span></div>'
|
21 |
|
22 |
),
|
23 |
'input_type' => 'text',
|
30 |
$this->module_settings[] = array(
|
31 |
'id' => 'block_default_wp_login_php',
|
32 |
'label' => __('Block default wp-login.php', 'wp-hide-security-enhancer'),
|
33 |
+
'description' => '<span class="important">'. __('Ensure the above option works correctly on your server before activate this.', 'wp-hide-security-enhancer') .'</span><br />' . __('Block default wp-login.php file from being accesible.', 'wp-hide-security-enhancer'),
|
34 |
|
35 |
'input_type' => 'radio',
|
36 |
'options' => array(
|
modules/components/general-html.php
CHANGED
@@ -153,7 +153,8 @@
|
|
153 |
$buffer = preg_replace('/<!--(?!\s*(?:\[if [^\]]+]|<!|>))(?:(?!-->)(.|\n))*-->/sm', "" , $buffer);
|
154 |
|
155 |
//replace any JavaScript comments
|
156 |
-
//$buffer = preg_replace('
|
|
|
157 |
|
158 |
//remove empty multiple new lines
|
159 |
$buffer = preg_replace("/(\n){2,}/", "\n", $buffer);
|
153 |
$buffer = preg_replace('/<!--(?!\s*(?:\[if [^\]]+]|<!|>))(?:(?!-->)(.|\n))*-->/sm', "" , $buffer);
|
154 |
|
155 |
//replace any JavaScript comments
|
156 |
+
//$buffer = preg_replace('/(\s+)(\/\/)([a-zA-Z\s]+)(\s+)/sm', "" , $buffer);
|
157 |
+
//$buffer = preg_replace('/(\s+)(\/\*)([a-zA-Z\s\n]+)(\*\/)(\s+)/sm', "" , $buffer);
|
158 |
|
159 |
//remove empty multiple new lines
|
160 |
$buffer = preg_replace("/(\n){2,}/", "\n", $buffer);
|
modules/components/rewrite-new_include_path.php
CHANGED
@@ -27,7 +27,7 @@
|
|
27 |
$this->module_settings[] = array(
|
28 |
'id' => 'block_wpinclude_url',
|
29 |
'label' => __('Block wp-includes URL', 'wp-hide-security-enhancer'),
|
30 |
-
'description' => __('Block wp-includes files from being accesible through default urls. <br />Apply only if <b>New Includes Path</b> is not empty.
|
31 |
|
32 |
'input_type' => 'radio',
|
33 |
'options' => array(
|
27 |
$this->module_settings[] = array(
|
28 |
'id' => 'block_wpinclude_url',
|
29 |
'label' => __('Block wp-includes URL', 'wp-hide-security-enhancer'),
|
30 |
+
'description' => '<span class="important">'. __('Ensure the above option works correctly on your server before activate this.', 'wp-hide-security-enhancer') .'</span><br />'. __('Block wp-includes files from being accesible through default urls. <br />Apply only if <b>New Includes Path</b> is not empty. Blocks only for non loged-in users.', 'wp-hide-security-enhancer'),
|
31 |
|
32 |
'input_type' => 'radio',
|
33 |
'options' => array(
|
modules/components/rewrite-new_plugin_path.php
CHANGED
@@ -28,7 +28,7 @@
|
|
28 |
$this->module_settings[] = array(
|
29 |
'id' => 'block_plugins_url',
|
30 |
'label' => __('Block plugins URL', 'wp-hide-security-enhancer'),
|
31 |
-
'description' => __('Block plugins files from being accesible through default urls.', 'wp-hide-security-enhancer') . '<br />'.__('Apply only if ', 'wp-hide-security-enhancer') . '<b>New Plugin Path</b> ' . __('is not empty.', 'wp-hide-security-enhancer'),
|
32 |
|
33 |
'input_type' => 'radio',
|
34 |
'options' => array(
|
28 |
$this->module_settings[] = array(
|
29 |
'id' => 'block_plugins_url',
|
30 |
'label' => __('Block plugins URL', 'wp-hide-security-enhancer'),
|
31 |
+
'description' => '<span class="important">'. __('Ensure the above option works correctly on your server before activate this.', 'wp-hide-security-enhancer') .'</span><br />'. __('Block plugins files from being accesible through default urls.', 'wp-hide-security-enhancer') . '<br />'.__('Apply only if ', 'wp-hide-security-enhancer') . '<b>New Plugin Path</b> ' . __('is not empty.', 'wp-hide-security-enhancer'),
|
32 |
|
33 |
'input_type' => 'radio',
|
34 |
'options' => array(
|
modules/components/rewrite-new_upload_path.php
CHANGED
@@ -28,7 +28,7 @@
|
|
28 |
$this->module_settings[] = array(
|
29 |
'id' => 'block_upload_url',
|
30 |
'label' => __('Block default uploads URL', 'wp-hide-security-enhancer'),
|
31 |
-
'description' => __('
|
32 |
|
33 |
'input_type' => 'radio',
|
34 |
'options' => array(
|
28 |
$this->module_settings[] = array(
|
29 |
'id' => 'block_upload_url',
|
30 |
'label' => __('Block default uploads URL', 'wp-hide-security-enhancer'),
|
31 |
+
'description' => '<span class="important">'. __('Ensure the above option works correctly on your server before activate this.', 'wp-hide-security-enhancer') .'</span><br />' . __('Block default wp-content/uploads/ media folder from being accesible through default urls.', 'wp-hide-security-enhancer') . ' <br />' . __('Apply only if', 'wp-hide-security-enhancer') .' <b>New Upload Path</b> '.__('is not empty.', 'wp-hide-security-enhancer'),
|
32 |
|
33 |
'input_type' => 'radio',
|
34 |
'options' => array(
|
modules/components/rewrite-root-files.php
CHANGED
@@ -62,10 +62,21 @@
|
|
62 |
'processing_order' => 55
|
63 |
);
|
64 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
65 |
$this->module_settings[] = array(
|
66 |
'id' => 'block_wp_cron_php',
|
67 |
'label' => __('Block wp-cron.php', 'wp-hide-security-enhancer'),
|
68 |
-
'description' =>
|
69 |
|
70 |
'input_type' => 'radio',
|
71 |
'options' => array(
|
@@ -246,19 +257,39 @@
|
|
246 |
|
247 |
$text = '';
|
248 |
|
|
|
|
|
249 |
if($this->wph->server_htaccess_config === TRUE)
|
250 |
{
|
251 |
$text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
|
|
|
|
|
|
|
|
|
|
|
|
|
252 |
$text .= "RewriteRule ^" . $rewrite_base ." ". $rewrite_to ."?wph-throw-404 [L]";
|
253 |
}
|
254 |
|
255 |
if($this->wph->server_web_config === TRUE)
|
|
|
256 |
$text = '
|
257 |
<rule name="wph-block_wp_cron_php" stopProcessing="true">
|
258 |
-
<match url="^' . $rewrite_base . '" />
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
259 |
<action type="Rewrite" url="'. $rewrite_to .'?wph-throw-404" />
|
260 |
</rule>
|
261 |
';
|
|
|
262 |
|
263 |
$processing_response['rewrite'] = $text;
|
264 |
|
@@ -379,5 +410,28 @@
|
|
379 |
|
380 |
return $processing_response;
|
381 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
382 |
}
|
383 |
?>
|
62 |
'processing_order' => 55
|
63 |
);
|
64 |
|
65 |
+
$local_ip = $this->domain_get_ip();
|
66 |
+
$option_description = __('Block access to wp-cron.php file. If remote cron calls not being used this can be set to Yes.', 'wp-hide-security-enhancer');
|
67 |
+
if ( $local_ip === FALSE )
|
68 |
+
{
|
69 |
+
$option_description .= '<br /><span class="important">' . __('Unable to identify site domain IP, blocking wp-cron.php will stop the site internal WordPress cron functionality.', 'wp-hide-security-enhancer') . '</span>';
|
70 |
+
}
|
71 |
+
else
|
72 |
+
{
|
73 |
+
$option_description .= '<br /><span class="important">' . __('Site domain rezolved to IP', 'wp-hide-security-enhancer') . ' ' . $local_ip . ' ' . __('If blocked, all internal calls to cron will continue to run fine. All calls from a different IP are blocked, including direct calls.', 'wp-hide-security-enhancer') . '</span>';
|
74 |
+
}
|
75 |
+
|
76 |
$this->module_settings[] = array(
|
77 |
'id' => 'block_wp_cron_php',
|
78 |
'label' => __('Block wp-cron.php', 'wp-hide-security-enhancer'),
|
79 |
+
'description' => $option_description,
|
80 |
|
81 |
'input_type' => 'radio',
|
82 |
'options' => array(
|
257 |
|
258 |
$text = '';
|
259 |
|
260 |
+
$local_ip = $this->domain_get_ip();
|
261 |
+
|
262 |
if($this->wph->server_htaccess_config === TRUE)
|
263 |
{
|
264 |
$text = "RewriteCond %{ENV:REDIRECT_STATUS} ^$\n";
|
265 |
+
|
266 |
+
if ( $local_ip !== FALSE )
|
267 |
+
{
|
268 |
+
$text .= "RewriteCond %{REMOTE_ADDR} !^". str_replace(".",'\.', $local_ip ) ."$\n";
|
269 |
+
}
|
270 |
+
|
271 |
$text .= "RewriteRule ^" . $rewrite_base ." ". $rewrite_to ."?wph-throw-404 [L]";
|
272 |
}
|
273 |
|
274 |
if($this->wph->server_web_config === TRUE)
|
275 |
+
{
|
276 |
$text = '
|
277 |
<rule name="wph-block_wp_cron_php" stopProcessing="true">
|
278 |
+
<match url="^' . $rewrite_base . '" />';
|
279 |
+
|
280 |
+
if ( $local_ip !== FALSE )
|
281 |
+
{
|
282 |
+
$text .= '
|
283 |
+
<conditions>
|
284 |
+
<add input="{REMOTE_ADDR}" pattern="^'. str_replace(".",'\.', $local_ip ) . '$" ignoreCase="true" negate="true" />
|
285 |
+
</conditions>';
|
286 |
+
}
|
287 |
+
|
288 |
+
$text .= '
|
289 |
<action type="Rewrite" url="'. $rewrite_to .'?wph-throw-404" />
|
290 |
</rule>
|
291 |
';
|
292 |
+
}
|
293 |
|
294 |
$processing_response['rewrite'] = $text;
|
295 |
|
410 |
|
411 |
return $processing_response;
|
412 |
}
|
413 |
+
|
414 |
+
|
415 |
+
/**
|
416 |
+
* Return curent domain reversed ip
|
417 |
+
*
|
418 |
+
*/
|
419 |
+
function domain_get_ip()
|
420 |
+
{
|
421 |
+
$local_ip = FALSE;
|
422 |
+
$site_domain_parsed = parse_url( home_url() );
|
423 |
+
if ( $site_domain_parsed !== FALSE && function_exists('gethostbyname') && function_exists('ip2long') )
|
424 |
+
{
|
425 |
+
$site_domain_is_ip = ip2long( $site_domain_parsed['host'] ) === FALSE ? FALSE : TRUE;
|
426 |
+
$local_ip = gethostbyname( $site_domain_parsed['host'] );
|
427 |
+
|
428 |
+
if ( $site_domain_is_ip === FALSE && $local_ip == $site_domain_parsed['host'] )
|
429 |
+
$local_ip = FALSE;
|
430 |
+
|
431 |
+
}
|
432 |
+
|
433 |
+
return $local_ip;
|
434 |
+
}
|
435 |
+
|
436 |
}
|
437 |
?>
|
modules/components/rewrite-wp_content_path.php
CHANGED
@@ -28,7 +28,7 @@
|
|
28 |
$this->module_settings[] = array(
|
29 |
'id' => 'block_wp_content_path',
|
30 |
'label' => __('Block wp-content URL', 'wp-hide-security-enhancer'),
|
31 |
-
'description' => __('Block default content path. Your default wp-content path is set to', 'wp-hide-security-enhancer') . ' <strong>'. $this->wph->default_variables['content_directory'] .'</strong>
|
32 |
'. __('Apply only if <b>New Content Path</b> is not empty. It block only for non loged-in users.', 'wp-hide-security-enhancer'),
|
33 |
|
34 |
'input_type' => 'radio',
|
28 |
$this->module_settings[] = array(
|
29 |
'id' => 'block_wp_content_path',
|
30 |
'label' => __('Block wp-content URL', 'wp-hide-security-enhancer'),
|
31 |
+
'description' => '<span class="important">'. __('Ensure the above option works correctly on your server before activate this.', 'wp-hide-security-enhancer') .'</span><br />'. __('Block default content path. Your default wp-content path is set to', 'wp-hide-security-enhancer') . ' <strong>'. $this->wph->default_variables['content_directory'] .'</strong>
|
32 |
'. __('Apply only if <b>New Content Path</b> is not empty. It block only for non loged-in users.', 'wp-hide-security-enhancer'),
|
33 |
|
34 |
'input_type' => 'radio',
|
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Donate link: https://www.nsp-code.com/
|
|
4 |
Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
|
5 |
Requires at least: 2.8
|
6 |
Tested up to: 5.1.1
|
7 |
-
Stable tag: 1.5.6.
|
8 |
License: GPLv2 or later
|
9 |
|
10 |
Hide and increase Security for your WordPress site using smart techniques. No files are changed on your server. Change default admin and wp-login urls
|
@@ -291,6 +291,17 @@ Please get in touch with us and we'll do our best to include it for a next versi
|
|
291 |
|
292 |
== Changelog ==
|
293 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
294 |
= 1.5.6.3 =
|
295 |
* Fix: remove javascript comments produce worng replacements on specific format.
|
296 |
|
4 |
Tags: wordpress hide, hide, security, improve security, hacking, wp hide, custom login, wp-loging.php, wp-admin, admin hide, login change,
|
5 |
Requires at least: 2.8
|
6 |
Tested up to: 5.1.1
|
7 |
+
Stable tag: 1.5.6.7
|
8 |
License: GPLv2 or later
|
9 |
|
10 |
Hide and increase Security for your WordPress site using smart techniques. No files are changed on your server. Change default admin and wp-login urls
|
291 |
|
292 |
== Changelog ==
|
293 |
|
294 |
+
= 1.5.6.7 =
|
295 |
+
* Allow internal cron jobs to run even if wp-cron.php is blocked.
|
296 |
+
* Check with wp_filesystem for any errors and output the messages, before attempt to write any content
|
297 |
+
* Trigger site cache clear on settings changed or code update
|
298 |
+
* Slight css updates
|
299 |
+
* Mark block option in red text for better visibility and user awareness
|
300 |
+
|
301 |
+
= 1.5.6.4 =
|
302 |
+
* Fix: Keep double quote at the start of the replacements when doing JSON matches to avoid replacing strings for other domains
|
303 |
+
* Fix: Run compatibility pachage for "ShortPixel Adaptive Images" only when plugin is active
|
304 |
+
|
305 |
= 1.5.6.3 =
|
306 |
* Fix: remove javascript comments produce worng replacements on specific format.
|
307 |
|
router/environment.php
CHANGED
@@ -1,2 +1,2 @@
|
|
1 |
-
<?php if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
|
2 |
$environment_variable = '{"theme":{"folder_name":"twentynineteen","mapped_name":"eereer"},"allowed_paths":["F:\/htdocs\/wp-hide.dev\/wp-content\/themes"],"cache_path":"F:\/htdocs\/wp-hide.dev\/wp-content\/cache\/wph\/","wordpress_directory":"","site_relative_path":"\/"}' ?>
|
1 |
+
<?php if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
|
2 |
$environment_variable = '{"theme":{"folder_name":"twentynineteen","mapped_name":"eereer"},"allowed_paths":["F:\/htdocs\/wp-hide.dev\/wp-content\/themes"],"cache_path":"F:\/htdocs\/wp-hide.dev\/wp-content\/cache\/wph\/","wordpress_directory":"","site_relative_path":"\/"}' ?>
|
wp-hide.php
CHANGED
@@ -5,7 +5,7 @@ Plugin URI: https://www.wp-hide.com/
|
|
5 |
Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
|
6 |
Author: Nsp Code
|
7 |
Author URI: http://www.nsp-code.com
|
8 |
-
Version: 1.5.6.
|
9 |
Text Domain: wp-hide-security-enhancer
|
10 |
Domain Path: /languages/
|
11 |
*/
|
5 |
Description: Hide and increase Security for your WordPress website instance using smart techniques. No files are changed on your server.
|
6 |
Author: Nsp Code
|
7 |
Author URI: http://www.nsp-code.com
|
8 |
+
Version: 1.5.6.7
|
9 |
Text Domain: wp-hide-security-enhancer
|
10 |
Domain Path: /languages/
|
11 |
*/
|